Topics
Relevant topics and the role of Softagram
- DevSecOps and DevOps
- Integrated automated code analysis gives developers useful feedback on their code changes, helps prevent bad architecture, and makes code review smoother. This includes controlling architectural degradation, detecting unwanted open source licenses or dependencies, and ensuring that the software stays free of known vulnerabilities (that is, that your dependencies stay fresh enough).
- Static Code Analysis Tools
- Analyzing architectural quality, dependency cycles, and complexity bottlenecks. Calculating software metrics to find hotspots. Visualizing software structures with the help of dependency graphs augmented with user-defined heat-maps.
- Source Code Management Software
- Tracking software changes, e.g. change volume (what changes most, what stays stable). Providing heat-map visualization to show change volumes. Showing the software project dependencies to better predict change needs.
- Software Development Analytics
- Tracking the reasons for and originators of changes, e.g. understanding why the software is changing and how active the teams and contributors are. Providing valuable insight into which features and parts are more challenging, and using that data to help understand the next investments. Finding out what kind of technical debt is hurting progress most.
- Continuous Integration
- When integrated with Git version control, automated analysis can track all the branches, providing continuous data based on the software situation, also in a multi-repo set-up. It is also possible to hook Softagram into your favourite CI system, such as Jenkins, and provide feedback for its build process.
- Automated Code Review
- When integrated with webhooks against GitHub, GitLab, Bitbucket, Azure DevOps, Gerrit or Helix TeamHub, each code review (pull request or merge request) automatically triggers code analysis to gather the essential differences between the main branch and the changed code under review. That information is fed back as a visualization-equipped comment to help humans do code review better.
- Automated Testing
- As the goal of testing is to find unwanted behavior, the goal of Softagram in this topic is to help block changes that degrade the architectural quality of the system. This includes bad dependencies, misnamed packages or directories, and badly located functionality (e.g. mixed responsibilities). Softagram gathers and refines the dependency delta information to help humans make the final judgement.
- Software Composition Analysis
- Software may contain various pieces of information and code, such as copyleft licenses (e.g. a GPL component linked into proprietary software), or dangerous open source components with many known vulnerabilities. The software may also have dependencies on external services that may be known to only a few members of the development team. Continuous analysis and visualization of the source helps find such peculiarities as early as possible.
- Dependency Analysis
- Dependency analysis is the process of resolving the internal and external dependencies of a software product, in order to efficiently perform e.g. code review or software documentation activities.